Commit f52e685

chore: fix actions permission (#140)
Potential fix for [https://github.com/fuzzzerd/SharpFM/security/code-scanning/1](https://github.com/fuzzzerd/SharpFM/security/code-scanning/1)

To fix the workflow so it adheres to least privilege principles, you should add a `permissions` block to either the root of the workflow (to apply to all jobs), or directly under the `release` job (to apply only to that job). Since there is only one job in this workflow and no step requires special permissions, the best fix is to add `permissions: contents: read` just below the workflow name near the top of the file. This will restrict GITHUB_TOKEN for all steps, preventing accidental privilege escalation and aligning with GitHub recommended practices.

No other lines need to change, and no imports or definitions are required.

---

_Suggested fixes powered by Copilot Autofix. Review carefully before merging._

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
1 parent 11dacc3 commit f52e685

1 file changed: +2 -0 lines changed

.github/workflows/ci.yml

Lines changed: 2 additions & 0 deletions
@@ -1,4 +1,6 @@
11
name: CI Builds
2+
permissions:
3+
contents: read
24

35
on:
46
pull_request:
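
Review bot: The top-level `permissions:` block added under `name: CI Builds` applies `contents: read` to every job, and because an explicit `permissions` key sets all unlisted scopes to `none`, the commit message's statement that no step requires special permissions should be verified against the job body, which this hunk does not show. The message refers to the only job as `release`; if any step in it publishes a release, pushes a tag, or writes check or pull-request results, it will now fail on authorization and should get a job-level grant (for example `contents: write` on that job alone) rather than a wider workflow-level one. A short comment above the block stating that the workflow is intentionally read-only would help keep later edits from loosening it.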
